Friday, November 25, 2011

How to install (Go Daddy) certificate on Tomcat/Ubunto

Recently I spent a lot of time installing new certificate I bought from GoDaddy on my Tomcat server.
Although this process should be common, I could not create certificate chain via java keytool.
At the end I found that the GoDaddy documentation was lacking some basic info and I needed to find it my self.

So, for any of you who bought certificate via GoDaddy and need to deploy it into tomcat, here is the complete guide:

1. Create new public/private key (key pair) via keytool
- It is important to provide complete path to keytool. Verify it located in the same JRE folder tomcat use.
- Mind the alias name, we need to keep consistency with the next steps.
/complete/path/to/keytool -keysize 2048 -genkey -alias tomcat -keyalg RSA -keystore /path/cer/tomcat.jks

2. Create server csr file.
Needed to issue certificates from your CA (e.g. GoDaddy).
- Use RSA as key algorithm
- Use same alias as you used in previous step
/complete/path/to/keytool -certreq -keyalg RSA -alias tomcat -file /path/cer/tomcat.csr -keystore /path/cer/tomcat.jks

At the end of this step, go to your CA certificate management panel and re-key the certificate using the tomcat.csr file content.
Save the (extracted) files on your sever (in our example /path/cer/)

3. Get your server private key.
This step needed, since the private key required for the certification chain creation. The keystore file we created contains both public and private key.
Since keytool can not get the private key, we need to use additional tool.
For me KeyTool-IUI did the trick. You can use this link too.
The relevant menu item is specified in the image below:

The private key file should be in the format specified in the image below:

4. Create the certificate chain:
- You can replace gd_bundle.crt with any root certificate given by your CA.
- Make sure the "-name" variable is the same as alias given in step #1.
openssl pkcs12 -export -chain -CAfile /path/cert/gd_bundle.crt -in /path/cert/your_domain.crt -inkey /path/cert/tomcat.pem -out /path/cert/keystore.tomcat -name tomcat -passout pass:YOUR_PASSWORD

5. Update Tomcat server.xml file:
<Connector executor="tomcatThreadPool" protocol="org.apache.coyote.http11.Http11Protocol"
        enableLookups="true" disableUploadTimeout="true"
        scheme="https" secure="true" SSLEnabled="true"
        keyAlias="tomcat" keystoreType="PKCS12"
        clientAuth="false" sslProtocol="TLS"

Restart Tomcat and you are ready to go!

If this post saved you time, kindly share it with others.

Thursday, November 24, 2011

Convert PDF to image via PDFbox

Recently I have been asked to generate an image from a PDF file.

In this post I'll use the Apache project pdfbox as the ImageToPDF converter.

Convert PDF page into image
I'll specify two samples, however full complete documentation about  possible options and default values could be found here.

String pdfPath = "/path/to/file.pdf";
//config option 1:convert all document to image
String [] args_1 =  new String[3];
args_1[0]  = "-outputPrefix";
args_1[1]  = "my_image_1";
args_1[2]  = pdfPath;

//config option 2:convert page 1 in pdf to image
String [] args_2 =  new String[7];
args_2[0] = "-startPage";
args_2[1] = "1"
args_2[2] = "-endPage";
args_2[3] = "1";
args_2[4] = "-outputPrefix"
args_2[5] = "my_image_2";
args_2[6] = pdfPath;

try {
// will output "my_image_1.jpg"
// will output "my_image_2.jpg" 
      } catch (Exception e) { logger.error(e.getMessage(),e); }
and that's it. As simple s that.
The output image is very good and include also text that was created in JavaScript in the PDF.

Tuesday, November 8, 2011

Have you used bitly/TinyURL? Check out the following cool site is a new site targeting anyone who seek to shorten a URL.
The differentiation from common URL shortening services in the web (such as bitly and TinyURL) is that CatchyLink generate ....hmmm.... catchy links :-) .

Other sites generates short url that is a collection of hashed letters, no human can remember it or tell it our loud, such as

CatchyLink creates URL that not only is short but also one that humans can pronounce and remember.
Such as: 
Catchy, right?

This is very useful if you need to tell someone else the link or you simply need a link that no one will forget. In our case you can tell your audience to enter the BigBlueOcean. Cool right?

CatchyLink also allows you to regenerate the Catchy Link, in case you did not like the suggested URL.   It actually quite funny & addictive ...  try it and see what I mean ... !

Storing long strings in Google App Engine

Recently I am experimenting with Google App Engine development for a small cool project I involved in.
(p.s. GAE has been recently got out of preview mode into release mode)

As you probably know,  the data is persist in NoSQL type storage.
This has some implications on the state of mind one need to model and access its data.

I was surprised to learn the concept and constraint this model brings ( such as that queries will use only AND no OR..).

Once interesting issue that I faced was the fact that String field is limited to 500 characters.

Since I needed to store longer strings, I immediately turned into the next data type which contains higher amount of characters - Text.
However, following that change I faced another problem - I could not do any queries on that field, since it could not be indexed.

Therefore I sought another solution.
I decided to split the long string into smaller chunks (500 long each) and store it in StringList type.
That provided me a way to keep the string length and have queries by this field (Google Query Language allows to do queries on list).

So my question is - do you have any other solution for storing long Strings given the fact that the field required to be searchable?

The project was written in python.... grrrr... I have nothing further to say.